注册 | 登录

解决amazon web services - Implement oauth in AWS API Gateway

itPublisher 分享于



推荐:使用Amazon Web Services(AWS)云,基于linux搭建SmartFoxServer

 一程序猿买菜,抬头看天与卖菜大哥讨价还价,大哥不解问:“哥们,看天干嘛?”程序猿答:“云计算。”   新项目试水Amazon Web Services,由使用新浪SAE云的简

I am trying to create a simple service using AWS API gateway and Lambda.

I want to manage small amount of user/password pairs such that they can login in to get an access token to proceed with future API calls.

I am not sure if I have chosen the right tools for this, but I am wondering if there is any existing package or model that I can use to implement this functionality?

amazon-web-services oauth aws-lambda aws-api-gateway
asked Oct 20 '15 at 4:10 solosodium 462 2 13


1 Answers


A document titled "Amazon API Gateway + AWS Lambda + OAuth" describes what you need to do to protect a Web API implemented using Amazon API Gateway + AWS Lambda with an OAuth 2.0 access token. The introspection API (= an API to get information about an access token) used in the document is Authlete's one, but you can replace it with another different one you like. For example, if you use an authorization server implementation that supports RFC 7662 (OAuth 2.0 Token Introspection), you can use the introspection API defined in the specification.

Updated on 2016-Apr-6

推荐:Amazon Web Services发布AWS Tools For Windows PowerShell

本文来源于我在InfoQ中文站翻译的文章,原文地址是: 近日,Amazon Web Services(AWS)发布了针对W

On Feb 11, 2016, a blog entry of AWS Compute Blog, "Introducing custom authorizers in Amazon API Gateway", announced that Custom Authorizer had been introduced into Amazon API Gateway. Thanks to this mechanism, an API built on Amazon API Gateway can delegate validation of a Bearer token (such as an OAuth or SAML token) presented by a client application to an external authorizer.

How to protect APIs built on Amazon API Gateway by OAuth access tokens utilizing the new mechanism, Custom Authorier, is described in "Amazon APi Gateway Custom Authorizer + OAuth".

edited Apr 5 '16 at 17:26 answered Oct 31 '15 at 2:22 Takahiko Kawasaki 7,497 26 59      Are the links to authlete broken? Getting a 502 Bad Gateway response.... –  Metallikanz Apr 17 '16 at 13:55 1   @Metallikanz Thank you. The server was restarted and Authlete site is now available. –  Takahiko Kawasaki Apr 17 '16 at 14:06      Thanks... That was pretty quick! –  Metallikanz Apr 17 '16 at 14:11      Authlete is down again... –  mattblessed Jul 14 '16 at 16:31      Really sorry. We restarted the web server and will surely plan to change the hosting service. Please send a message to Twitter authlete next time you encounter a trouble again. –  Takahiko Kawasaki Jul 14 '16 at 18:11


推荐:使用Amazon Web Services(AWS)云,基于Linux部署MYSQL

数据库是服务器的标配了,总结下如何在AWS EC2 linux服务器中部署MYSQL(方法有很多,这只是其中比较顺手的一种-.-)。 1.SSH远程登录你的Linux服务器,具体方法








您的注册邮箱: 修改

重新发送激活邮件 进入我的邮箱